Critical Vulnerability in SonicWall Firewalls Allows Unauthorized Access

DOWNLOAD PDF

Summary

SonicWall issued patches for a critical vulnerability (CVE-2024-40766) affecting its firewalls.  The flaw could allow unauthorized access and potentially crash the device if exploited.

 

Risk Score

CVE-ID                                 CVSSv3

CVE-2024-40766                9.3

 

VULNERABILITY DETAILS

This critical CVE-2024-40766 could lead to unauthorized access to the devices. This vulnerability stems from improper access control within the SonicOS management interface, potentially leading to unauthorized resource access and, under specific conditions, causing the firewall to crash.

The vulnerability severity score is 9.3, due to its network-based attack vector, low attack complexity, and the fact that it requires neither authentication nor user interaction to be exploited.

 

AFFECTED PRODUCTS

  • SonicWall Firewall Gen 5 devices (SOHO): 5.9.2.14-12o and older versions
  • SonicWall Firewall Gen 6 devices: 6.5.4.14-109n and older versions
  • SonicWall Firewall Gen 7 devices running SonicOS 7.0.1-5035 and earlier versions

 

RECOMMENDATIONS

  • Apply the latest security patches released by SonicWall.
    • SOHO (Gen 5 Firewalls) – 5.9.2.14-13o
    • Gen 6 Firewalls – 6.5.2.8-2n (for SM9800, NSsp 12400, and NSsp 12800)
    • Gen 6 Firewalls – 6.5.4.15.116n (for other Gen 6 Firewall appliances)
    • Note: Any SonicOS version higher than 7.0.1-5035 for Gen 7 devices. (This vulnerability is not reproducible in SonicOS firmware version higher than 7.0.1-5035. However, SonicWall recommends to install the latest firmware.)
  • If immediate patching is not possible, restrict firewall management access to trusted sources.
  • Disable firewall WAN management access from internet sources as an additional precaution.
  • Keep an eye on firewall logs and monitor for any unusual access attempts or crashes

 

REFERENCES

CONTACT US